From mboxrd@z Thu Jan 1 00:00:00 1970
From: Greg KH
Date: Thu, 27 Aug 2009 15:22:40 +0000
Subject: Re: [security] Race condition in udev
Message-Id: <20090827152240.GA6972@kroah.com>
List-Id:
References: <20090821102407.GA29609@florz.florz.dyndns.org>
In-Reply-To: <20090821102407.GA29609@florz.florz.dyndns.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: linux-hotplug@vger.kernel.org

On Thu, Aug 27, 2009 at 05:13:30PM +0200, Florian Zumbiehl wrote:
> Hi,
>
> > On Wed, Aug 26, 2009 at 07:41:34PM +0200, Florian Zumbiehl wrote:
> > > Anyhow, the current code does potentially allow more access than one
> > > would expect when interpreting udev's configuration using the
> > > well-known semantics of unix permissions, which is kind of worse
> > > than "just not working".
> >
> > Again, you have failed to show how this would happen, given udev's
> > existing rules that all distros ship.
> >
> > Until you do that, this thread is going nowhere.
>
> so, you think that udev's rules are not configuration that is to be
> touched by an admin, but rather part of the code?

For the most part, none of the default udev rules should need to be
touched by an admin, otherwise the device naming scheme that is
consistent across all distros would be messed up.

Sure they can add their own rules if they want to, and lots do, but
that's not the issue here, right?

thanks,

greg k-h